February 26-28, 2025
Montreal, Canada

Unorthdox Threat Modelling

Threat modeling is an unpopular process among security professionals and developers as it usually requires manual drawing of systems diagrams and can be perceived as abstract since it only identifies potential risks. In this presentation, a more tactical approach to threat modeling will be presented. You will learn how threat modeling can orient security tests based on potential threats and how automation can ease the analysis of complex systems.

View all 191 sessions

Philippe Arteau

ServiceNow

Philippe is a security engineer at ServiceNow. He has an interest in software development, penetration testing and security code review. He also maintains Find Security Bugs, the open-source Java static analysis tool.
He discovered significant vulnerabilities in several popular applications like Google Chrome, DropBox, Runkeeper, Jira and more. He has presented at various conferences including Black Hat Arsenal, SecTor, AppSec USA, ATLSecCon, 44CON and JavaOne.

Read More